A computer-implemented method for automatically responding to domain name abuse is described. The method comprises the following steps. A plurality of disparate abuse feeds are received from a plurality of service providers. Each of the service providers is configured to collect information regarding a subset of potential domain name abuse and each abuse feed comprises data identifying domain names associated with the subset of potential domain name abuse. The data is filtered to create a custom abuse feed comprising a selective portion of the plurality of disparate abuse feeds. The filtered data from the custom abuse feed is grouped into groups of data based on predefined priority levels of the filtered data. For each of the groups of data, one or more corresponding workflows is executed as a response to the potential domain name abuse, wherein the workflow includes temporarily suspending a domain associated with the potential domain name abuse.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A computer-implemented method for automatically responding to domain name abuse, the method comprising: receiving, at a computer, a plurality of disparate abuse feeds from a plurality of service providers, each of the service providers configured to collect information regarding a subset of potential domain name abuse and each abuse feed comprising data identifying domain names associated with the subset of potential domain name abuse; filtering, by the computer, the data to create a custom abuse feed comprising a selective portion of the plurality of disparate abuse feeds; grouping, by the computer, the filtered data from the custom abuse feed into groups of data based on predefined priority levels of the filtered data; and for each of the groups of data, executing, by the computer, one or more corresponding workflows as a response to the potential domain name abuse, wherein the workflow includes temporarily suspending a domain associated with the potential domain name abuse.
2. The method of claim 1 , wherein the filters are predefined, customized or a combination thereof.
3. The method of claim 1 , wherein each of the plurality disparate abuse feeds has an associated reliability level, which is used to determine the customized priority level.
4. The method of claim 3 , wherein the reliability level is assigned by the service providers generating the abuse feeds, a trusted third party, the computer receiving the abuse feeds, or any combination thereof.
5. A non-transitory computer readable medium having stored thereon instructions for execution by a computing device, which when executed cause the computing device to implement: receiving a plurality of disparate abuse feeds from a plurality of service providers, each of the service providers configured to collect information regarding a subset of potential domain name abuse and each abuse feed comprising data identifying domain names associated with the subset of potential domain name abuse; applying one or more filters to the data to create a custom abuse feed comprising a selective portion of one of more of the plurality of disparate abuse feeds; grouping the filtered data from the custom abuse feed into groups of data based on predefined priority levels of the filtered data; and for each of the groups of data, executing one or more corresponding workflows as a response to the potential domain name abuse, wherein the workflow includes temporarily suspending a domain associated with the potential domain name abuse.
6. The non-transitory computer readable medium of claim 5 , wherein the filters are predefined, customized or a combination thereof.
7. The non-transitory computer readable medium of claim 5 , wherein each of the plurality disparate abuse feeds has an associated reliability level.
8. The non-transitory computer readable medium of claim 7 , wherein the reliability level is assigned by an abuse service generating the abuse feed, a trusted third party, the abuse sentry service or any combination thereof.
9. A computer-implemented method for automatically responding to domain name abuse, the method comprising: presenting a list of available abuse feeds from a plurality of service providers, each of the service providers configured to collect information regarding a subset of potential domain name abuse and each abuse feed comprising data identifying domain names associated with the subset of potential domain name abuse; storing a selection of desired data from the list of available abuse feeds; creating one or more filters to apply to the available abuse feeds in order to extract the desired data; storing customized priority levels for the desired data; storing customized workflows for the customized priority levels; and applying the customized filters and the customized workflows to the available abuse feeds as a response to the potential domain name abuse.
10. The method of claim 9 , wherein the list of available abuse feeds include detailed information about each of the data feeds for selection.
11. The method of claim 9 further comprising checking the workflow to ensure that there are no conflicts.
12. The method of claim 9 , wherein the filters are predefined, customized or a combination thereof.
13. The method of claim 9 , wherein each of the plurality disparate abuse feeds has an associated reliability level, which is used to determine the customized priority level.
14. The method of claim 13 , wherein the reliability level is assigned by the service providers generating the abuse feeds, a trusted third party, the computer applying the customized filters and the customized work flows, or any combination thereof.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
January 19, 2015
March 8, 2016
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.